Stevens Law Group 



Fax:408-288-7542 



Dec 9 2004 11:50 



P. 10 



Remarks 

This Amendment represents a sincere effort to respond to all of the issues raised 
in the Office Action of April 1, 2004, and to place the claims in condition for allowance 
or to reduce the issues for appeal and place the claims in better form for appeal. 

Status of the Claims 

In the application, Claims 1-22 are the only pending claims. All of these claims 
have been amended in response to the office action. Claims 9, 10 and 22 have been 
cancelled. This represents a sincere effort to advance the prosecution of this application. 

In the Office Action of April 1, 2004, claims 3 and 22 were rejected under 35 
USC 102 over U.S, Patent No. 6,598,167, of Devind et al. ("Devine"), 

In the Office Action, claims 3 and 22 were rejected under 35 USC 103 over U.S. 
Patent No. 6,598,167, of Devind et al. ("Devine") in combination with U.S. Patent No. 
6,128>657, of Okanoya et al. ("Okanoya"). 

Applicant's invention 

Generally, the invention is directed to a system for facilitating communication 
between a web browser and an application server via an intermediate webserver and for 
preventing unauthorized attacks of browser attacks directed to an application server. The 
system includes a webserver configured to communicate with a network and maintain 
information related to the authorization of browser requests to prevent multiple 
unauthorized browser attacks directed to an application server. Such unauthorized 
attacks by multiple browser requests can by detrimental to a system providing access to 
application servers. The webserver includes an application server interface for 
communicating with an application server and a network interface for communicating 
with entities via a network. The invention further includes a state server configured to 
store data related to communication sessions occurring among a web browser, a 
webserver and an application server, the state server including a communication interface 
configured to communicate with the webserver. In operation, the application server 
interface is configured to communicate with an application server. The application server 
interface includes a mechanism for receiving a signal from an application server 
indicating an authorization to communicate with the application server. A load balancing 
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device is configured to receive browser requests among a plurality of webservers. And, 
the load balancing device is further configured to screen the browser requests according 
to predetermined criteria including reauthorization indicia. Thus, unauthorized browser 
requests are prevented from making an unfriendly attack to the system. 
The Office Action of April 1, 2004, and cited References 
In the Office Action of September 21, 2004, laims 3 and 22 were rejected under 
35 USC 102 over U.S. Patent No. 6,598,167, of Devind et al. ("Devine"). The office 
action stated that Devine did not disclose a monitoring mechanism. In response, applicant 
has amended the claims to include such an mechanism and details in which it operates. 

Claims 1 and now read as follows: 
1. (Amended) A system for facilitating communication between a web browser and an 

of brow^^f " i " tmdto » Webse ™* for prevents nnauthori^ 

of browser attacks directed ro * n application nwyT /^^ 

»M t T bSC T r 5 500 ?*™? 1 to c <™nicate with a network and maintain mftwm«Hn, 

attacks directed to an application .ser ver, the webserve r having an application server 

interface for communicating with an application server and a network interface for 
communicating with entities via a network; [andj 

a state server configured to store data related to communication sessions 
occurring among a web browser, a webserver and an application server, the state server 
mcludmg a communication interface configured to communicate with the webserver 

[an] whergnUhe_a P plication server interface is configured to communicate with 
an application server, the application server interface including a mechanism for 

wTh tn^lTn m ^ a PP lication «"« indica *ng » authorization to communicate 
with the application server, the application ^ int ^„ « ^ tA ™™Z 

the session hetween an a ppli™ri 0n gen^ and a h^^ ^ * monitor 

r , / Ioad balanci "S de^ce configured to receive h™ W Ser reqnests »™ no » p ,„ Hit ., 
of webserver., wherein th e load hieing device fa fimw JZ Ured *T Y 

wherein Browser quests are prevented from making „„ n^ ^y attanlf tn , hA c ff ± 

Accordingly, applicant submits that the rejections of Claims 1 and 2 are obviated by the 
amendments. 

In the Office Action, claims 3 and 22 were rejected under 35 USC 103 over U.S. 
Patent No. 6,598,167, of Devine et al. ("Devine") in combination with U.S. Patent No. 
6,128,657, of Okanoya et al. ("Okanoya"). In response, Applicant has amended claims 
3-22, along with Claims 1 and 2 above to include the limitations directed to the 
prevention of browser request attacks on an application sever. Support is f OUnd in the 
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specification on pages 12-14, and no new matter has been added. Neither Devtne nor 
Okanoya, either individually or in combination, disclose or suggest the claimed invention 
as now claimed according to the above amendment. 

In summary, the claimed invention, with the claims as now amended, is not 
disclosed, taught or suggested by the cited references, either individually or in 
combination, nor is the claimed invention obvious in light of these references. 
Accordingly, the claims as amended are in condition for allowance, and such allowance 
is respectfully requested. If there are any further impediments to allowance, the examiner 
is invited to call the undersigned for a telephone conference to discuss any remaining 
issues. 
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Dated: October 1, 2004 

Stevens Law Group. PC 
P.O.Box 1667 
San JosesCA 93109 
Tel (408) 288-7588 
Fax (408) 288-7542 



Sincerely, 




Rj chard XJoldman 

Reg. No.: 25, 585 
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